hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 02:35:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: Attempt to mitigate potential bad join

Browse Source 
By joining simultaneously on controller class and name.
This commit is contained in:
Harry Maclean
2022-02-02 17:03:46 +13:00
parent a38bc9fe89
commit 749dc092ae
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ruby/ql/lib/codeql/ruby/frameworks/ActionController.qll
View File

@@ -94,7 +94,7 @@ class ActionControllerActionMethod extends Method, HTTP::Server::RequestHandler:
ActionDispatch::Route getARoute() {
result.getController() + "_controller" =
ActionDispatch::underscore(namespaceDeclaration(controllerClass)) and
this.getName() = result.getAction()
isActionControllerMethod(this, result.getAction(), controllerClass)
}
}